Vulnerabilities > Apple > MAC OS X > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-19 | CVE-2005-1260 | Resource Exhaustion vulnerability in multiple products bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | 5.0 |
| 2005-05-12 | CVE-2005-0971 | Unspecified vulnerability in Apple mac OS X Stack-based buffer overflow in the semop system call in Mac OS X 10.3.9 and earlier allows local users to gain privileges via crafted arguments. | 4.6 |
| 2005-05-12 | CVE-2005-0969 | Unspecified vulnerability in Apple mac OS X Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via crafted parameters. | 4.6 |
| 2005-05-04 | CVE-2005-1341 | Multiple vulnerability in Apple Mac OS X Apple Terminal 1.4.4 allows attackers to execute arbitrary commands via terminal escape sequences. | 5.1 |
| 2005-05-04 | CVE-2005-1338 | Local Security vulnerability in Apple mac OS X 10.3.9 Mac OS X 10.3.9, when using an LDAP server that does not use ldap_extended_operation, may store initial LDAP passwords for new accounts in plaintext. | 4.6 |
| 2005-05-04 | CVE-2005-1336 | Local Security vulnerability in Apple mac OS X 10.3.9 Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable. | 4.6 |
| 2005-05-04 | CVE-2005-1333 | Directory Traversal vulnerability in Apple mac OS X 10.3.9 Directory traversal vulnerability in the Bluetooth file and object exchange (OBEX) services in Mac OS X 10.3.9 allows remote attackers to read arbitrary files. | 5.0 |
| 2005-05-04 | CVE-2005-1331 | Multiple vulnerability in Apple Mac OS X The AppleScript Editor in Mac OS X 10.3.9 does not properly display script code for an applescript: URI, which can result in code that is different than the actual code that would be run, which could allow remote attackers to trick users into executing malicious code via certain URI characters such as NULL, control characters, and homographs. | 5.1 |
| 2005-05-04 | CVE-2005-1330 | Improper Input Validation vulnerability in Apple mac OS X and mac OS X Server AppKit in Mac OS X 10.3.9 allows attackers to cause a denial of service (Cocoa application crash) via a malformed TIFF image that causes the NXSeek to use an incorrect offset, leading to an unhandled exception. | 4.9 |
| 2005-05-02 | CVE-2005-0712 | Unspecified vulnerability in Apple mac OS X 10.1/10.2/10.3.4 Mac OS X before 10.3.8 users world-writable permissions for certain directories, which may allow local users to gain privileges, possibly via the receipt cache or ColorSync profiles. | 4.6 |